773 matches found
CVE-2023-0116
The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability.
CVE-2023-34156
Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful exploitation of this vulnerability may cause services to be denied.
CVE-2023-39385
Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access.
CVE-2023-44093
Vulnerability of package names' public keys not being verified in the security module.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-52537
Vulnerability of package name verification being bypassed in the HwIms module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-52554
Permission control vulnerability in the Bluetooth module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-52713
Vulnerability of improper permission control in the window management module.Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2023-52714
Vulnerability of defects introduced in the design process in the hwnff module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-27896
Input verification vulnerability in the log module.Impact: Successful exploitation of this vulnerability can affect integrity.
CVE-2024-30413
Vulnerability of improper permission control in the window management module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2021-46812
The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity.
CVE-2021-46856
The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-41582
The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability.
CVE-2022-41591
The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.
CVE-2022-44563
There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-47975
The DUBAI module has a double free vulnerability. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-48357
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the kernel.
CVE-2022-48359
The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-1693
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-26547
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2023-52550
Vulnerability of data verification errors in the kernel module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-30414
Command injection vulnerability in the AccountManager module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-36499
Vulnerability of unauthorized screenshot capturing in the WMS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54101
Denial of service (DoS) vulnerability in the installation moduleImpact: Successful exploitation of this vulnerability will affect availability.
CVE-2020-9146
A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios.
CVE-2020-9148
An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages.
CVE-2021-22316
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device's data security and functional availability.
CVE-2021-22343
There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability.
CVE-2021-22368
There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device.
CVE-2022-39004
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
CVE-2022-39008
The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps.
CVE-2022-44549
The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality.
CVE-2022-44556
Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability.
CVE-2022-46323
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.
CVE-2022-48496
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized.
CVE-2023-39405
Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps to be executed with escalated privileges.
CVE-2023-41303
Command injection vulnerability in the distributed file system module. Successful exploitation of this vulnerability may cause variables in the sock structure to be modified.
CVE-2023-44104
Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-44118
Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2023-52539
Permission verification vulnerability in the Settings module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-52540
Vulnerability of improper authentication in the Iaware module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-52542
Permission verification vulnerability in the system module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-30417
Path traversal vulnerability in the Bluetooth-based sharing module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-5465
Function vulnerabilities in the Calendar moduleImpact: Successful exploitation of this vulnerability will affect availability.
CVE-2021-40040
Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-34735
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
CVE-2022-34738
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
CVE-2022-38991
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-38995
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-39000
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.